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Description 



Systems and methods to prevent 
products from counterfeiting and 
surplus production also of tracking their 
way of distribution. 

Cross Reference to Related Applications 

[0001] 6456729, September 2002, Moore, 382/103; 6226619, 
May 2001, Halperin et al., 705/l;6073121, June 2000, 
Ramzy, 705/45;6069955, April 1998, Coppersmith et al., 
380/54;6053406, April 2000, Litman 235/449;5974150, 
October 1999, Kaish et al., 713/179;5988500, November 
1999, Litman, 235/450;5267756, December 1993, Molee 
et al., 283/86 
Background of Invention 

[0002] Field of the Invention The present invention concerns a 
system to secure any kind of products against falsifica- 
tions, more in particular a method and system using 
coded sequences and logical comparison to determine if a 



product is an original or a falsification. 

[0003] Background of the Art Hardly a product is safe against 
counterfeiting. Always better technical possibilities and 
more complex methods of the counterfeiters lead to bet- 
ter and faster produce fraudulent falsifications. The con- 
ventional recognition characteristics of many marks such 
as labels and packing no more hurdle for counterfeiters 
today because beside the product its whole appearance is 
imitated. For consumers, retailers, wholesale dealers or 
authorities the distinction between original and falsifica- 
tion is hardly possible at first glance. The subsequences 
are recessions in sales, liability claims and image loss by 
brand manufacturers. 

[0004] It js tried to secure original products against falsifications 
by using special security characteristics, which require a 
high technical and financial expenditure and can usually 
only be manufactured in specialized enterprises. The 
product, its packing or its accompanying document for 
example carry one or more substances with security char- 
acteristics such as safety thread, which exhibit on visually 
or by machine controllable physical or chemical character- 
istic, like fluorescence or magnetism. Also hologram la- 
bels represent a further security characteristic, which 



shows depending on the viewing angle color effects, 
which cannot be reproduced by copy machines, and which 
are glued on the product or its packing. Furthermore to 
the well known measures for the increase of the falsifica- 
tion safeness and for the increase of the recognition rate 
of falsifications the use of micro text, Guilloch-printing, 
Kinegram, radio frequency identification (RFID) tag, etc. 
belongs. 

[0005] The used security characteristics are however in each case 
only applicable for a reduced group of products meaning- 
fully as a function of economic, technical, legal or also 
medical requirements. Technologically complex measures 
require if necessary special sensors and measuring instru- 
ments for the examination of product falsifications, which 
are not generally available. The simpler and more favor- 
able the production of security characteristics, as faster 
and easier counterfeiters turns around the technical edge 
of security characteristics. By the constant advancement of 
the technology the counterfeiter will be able to copy ever 
products easier in always-shorter time. 

[0006] An additional form of counterfeiting happens by out- 
sourcing the manufacturing of products to third parties. 
The originator risks that third party manufacturer produce 



more pieces as ordered and bring these products into tlie 
marl<et witliout l<nown by the originator possibly with less 
quality where these surpluses produced products can 
hardly be identified as counterfeits. In particular such 
cases happens when manufacturer are located in areas 
where the originator is not able to hold the third party li- 
able for. 

[0007] U.S. Pat. No. 5,267,756 describes a system where an au- 
thentication system, method and article for memorabilia 
and other forms of articles wherein a hologram is affixed 
to the article with a tamper-proof adhesive. The hologram 
has thereon a unique code number. A certificate of au- 
thenticity is provided with the article and it includes a like 
or different hologram, but with a matching unique code 
number. A master record or list of the unique code num- 
ber and related article to which the code number applies 
is maintained by an entity, which also provides a registra- 
tion "hotline." A purchaser of the article can register that 
article, and at any time in the future when the article is 
sold or otherwise transferred its authenticity can be veri- 
fied through the registration hotline. 

[0008] U.S. Pat. No. 5,988,500 describes a system where elon- 
gated magnetic elements can be inserted into items to 



provide readable magnetic patterns, wliicli provide repro- 
ducible or unique signal patterns to identify or authenti- 
cate the items. Magnetic fibers may be distributed within 
items or magnetic strips to provide reproducible patterns 
when read. The patterns are stable because of the rela- 
tively large size of the magnetic elements as compared to 
conventional patterns of particles in recordable media. 
Oriented patterns of filaments may also be inserted into 
transactional items such as credit cards, checks and the 
like to provide identification (antiforgery) security to the 
item. 

[0009] U.S. Pat. No. 5,974,150 describes an authentication sys- 
tem comprising a medium having a plurality of elements, 
the elements being distinctive, detectable and disposed in 
an irregular pattern or having an intrinsic irregularity. 
Each element is characterized by a determinable attribute 
distinct from a two-dimensional coordinate representa- 
tion of simple optical absorption or simple optical reflec- 
tion intensity. An attribute and position of the plurality of 
elements, with respect to a positional reference is de- 
tected. A processor generates an encrypted message in- 
cluding at least a portion of the attribute and position of 
the plurality of elements. The encrypted message is 



recorded in physical association witli the medium. The el- 
ements are preferably dichroic fibers, and the attribute is 
preferably a polarization or dichroic axis, which may vary 
over the length of a fiber. An authentication of the 
medium based on the encrypted message may be authen- 
ticated with a statistical tolerance, based on a vector map- 
ping of the elements of the medium, without requiring a 
complete image of the medium and elements to be 
recorded. 

[0010] U.S. Pat. No. 6,053,406 describes a method for any mag- 
netically readable systems such as credit cards, currency, 
identification cards, or other transactional items. The in- 
formation stored on the magnetically readable system is 
then used for verifying the authenticity of the source of 
information by comparing a signal from said item with a 
defined signal and providing a warning signal if the pre- 
determined level of conformity is not achieved or is not 
exceeded. 

[0011] U.S. Pat. No. 6,069,955 discloses a method using a visible 
seal or label containing a serial number is placed in plain 
view on the product packaging. The visible label contains 
the serial number as well as a first public key encrypted 
version of the serial number. A second or hidden label in- 



side of the package has thereon a second encrypted ver- 
sion of the serial number made using a second public key. 
Only the manufacturer knows the private keys. Using a 
corresponding public key provided by the manufacturer, 
the consumer, law enforcement agent, or customs inspec- 
tor can verify that the encrypted version matches the se- 
rial number. Moreover, using a point of sale machine 
equipped with the public key the sales clerk can authenti- 
cate the product in front of the consumer at point of pur- 
chase. Additionally, in the case of a CD or other digital 
medium, the hidden label may comprise a digital water- 
mark of the encrypted serial number such that a con- 
sumer, law enforcement agency, or customs inspector can 
readily detect a counterfeit product. 
[0012] U.S. Pat. No. 6,073,121 describes a method, which im- 
proves check fraud prevention systems both in printing 
and verifying checks. The method operates by printing on 
each issued check, a line of encrypted machine-only read- 
able symbols such as a bar-code that contains all the in- 
formation printed on the check, using a special, key- 
selectable encryption algorithm. When a check is pre- 
sented to a bank teller or a cashier, a required, modified 
reader/decoder device connected to a computer, will read 



the line of encrypted data and identify a fraudulent check 
for rejection. The method requires primarily computer 
software additions and changes. 

[0013] U.S. Pat. No. 6,226,619 discloses a method and system for 
preventing counterfeiting of an item include an interro- 
gatable radio frequency identification (RFID) tag attached 
to the item. The item includes visible indicia for compari- 
son with secret, non-duplicable information stored in the 
tag designating authenticity. 

[0014] U.S. Pat. No. 6,456,729 discloses a system and method of 
marking goods for authentication and tracking purposes 
is described. The system and method include a central 
control that enables the system. The method and system 
are accomplished in real time affording manufacturers the 
ability to eliminate problems associated with counterfeit- 
ing and diversion which begin at one or more manufac- 
turing site which are remote from central control. A cen- 
tral control unit enables the system by providing an allot- 
ment of marks to one or more host units. Each host unit 
directs marking terminals to mark, at locations remote 
from the host units, particular goods or packages with 
specific information encoding symbols. Items are prefer- 
ably marked directly with dyes containing one or more ac- 



tive compounds, but alternately can be identified by 
means of affixed fixtures, which are marked with encod- 
ing symbols either prior to, or subsequent to, affixing to 
the items. Following marking, items are scanned to insure 
proper marking. Once within the commerce stream, items 
can be checked by illuminating the symbols marked 
thereon and cross referencing this data with the host 
database by using a field reading unit, or alternately de- 
coded into clear text at the field reader for analysis. 

[0015] A careful detailed review of the above patent disclosures 
results in the conclusion that although each method may 
be useful in combating check fraud. 

[0016] Thus there remains a need for a system and method, 

which is in principle applicable for all pieces of products 
and easy to implement into the production process by us- 
ing an encrypted sequence and deliver it with each piece 
of product. Only the verification of such a sequence is not 
the guarantee of an original product because in case of 
counterfeiting the product and the sequence it will not be 
recognized as falsification. Therefore the invention has a 
system and method to determine in real time products as 
original or as falsification even in cases where valid se- 
quences are copied and used on multiple products. 



Summary of Invention 



[0017] The present invention is to suggest a global system for 
protecting products against counterfeiting, surplus pro- 
duction and determining the place where the actual proof 
of authenticity of a product is carried out which is in prin- 
ciple applicable for all kind of products. In application and 
conversion it is as simple as possible, small additional re- 
quirements to the examinable ness places and is besides 
economical. The system can be easy implemented in any 
production process in a similar way as marking products 
with a serial number or a price tag. In addition the present 
invention provides a method of tracing the way of distri- 
bution of these products that can be beneficial to affirm 
the truth of the proof of authenticity. The system includes 
methods of calculating unique, short and high secure en- 
coded sequences by using computer hardware and soft- 
ware. In addition it includes input devices, computer 
hardware and software, which can be physically linked via 
any kind of data connections. The encoded unique se- 
quence is further named as unique product-inspection 
sequence. 

[0018] Accordingly it is a prime object of the present invention to 
deliver an encoded sequencewith each piece of product. 



which enables subsequent inspections to proof the au- 
thenticity of products. The unique product-protection se- 
quence can be a numerical sequence, alphanumerical se- 
quence, a sequence of alphabetical characters or a bit se- 
quence. The unique product-inspection sequence can be 
arbitrary delivered with products for example: visible 
printed or engraved as a sequence of alphanumeric char- 
acters or barcode on the product, its package, on a label 
which is affixed to the product or its package or on an ac- 
companying document; implemented into or affixed to the 
product or its package by using a radio frequency identifi- 
cation (RFID) tag; stored on a magnetic stripe or a memory 
chip as bit stream. Depending on the kind of product, its 
value and its production process the economically best 
solution can be chosen. 
[0019] A further object of the invention is the field inspection of 
products at any place to determine the authenticity of 
products or to trace the way of distribution of products. A 
first proof of authenticity is carried out by decoding the 
enclosed unique product-inspection sequence of a prod- 
uct and tests its consistency. In a second step further 
comparisons with data stored on a computer system are 
carried out to recognize for example cases where a coun- 



terfeiter copied valid unique product-inspection se- 
quences and affixed tliem to forged products. 

[0020] For generating unique product-inspection sequences tlie 
same number of preceding sequences so called product- 
individual identification sequences is required. The prod- 
uct-individual identification sequence can be for example 
an already existing serial number of products or a gener- 
ated random bit sequence assigned to each piece of prod- 
uct. The product-individual identification sequence or a 
subsequence derived from it is encoded by means of an 
encryption method using a secret encryption key, whereby 
a unique identification sequence is generated. The unique 
identification sequence or a combination of the unique 
identification sequence and the product-individual identi- 
fication sequence or a subsequence of one of the said se- 
quences is delivered with each piece of product as unique 
product-inspection sequence. The sequence or its com- 
plementary data need to be stored in log files in the sys- 
tem for subsequent examinations. 

[0021] According to the present invention for encoding and de- 
coding of unique product-inspection sequences any kind 
of symmetrical encryption method or asymmetrical en- 
cryption method can be used. For the encoding in addition 



to the encryption method a secret encryption l<ey is re- 
quired which need to be l<ept secret in a way that only le- 
gitimate parties are able to gain access to the secret key. 
Parties who can access the secret encryption key can gen- 
erate product inspection sequences if the encryption 
method is known. 

[0022] A variation of the present invention is using a symmetrical 
encryption method where a secret decryption key is nec- 
essary for verifying the consistency of unique product- 
inspection sequences. The decryption keys need to be 
kept secure in the same way as the encryption keys. The 
decryption keys need to be kept secure because it is pos- 
sible to calculate the secret encryption key out of the de- 
cryption key. Without knowledge of the secret decryption 
key it is not possible to test the consistency of encoded 
unique product-inspection sequences. 

[0023] A further variation of the present invention is using an 

asymmetrical encryption method where as well an encryp- 
tion and decryption key is required. The encryption key 
need to be kept secret but the decryption key can be pub- 
lished since the encryption key cannot be computed from 
the public decryption key with current available standard 
computer capacity. An asymmetrical encryption method 



enables in particular a field examination, which can be 
executed for example by authorities, a wholesale dealer, a 
retailer or a consumer at any place. 

[0024] Another object of the present invention in order to in- 
crease the security and to shorten long unique product- 
inspection sequences is to utilize additionally to the en- 
coding so-called hash methods. A hash method can be 
utilized before, after or before and after the encryption is 
conducted. Beyond shortening unique product-inspection 
sequences the execution of additional hash methods in- 
creases the security of the encoded sequences. 

[0025] Further objects of the present invention are log and regis- 
tration files where in the log files all kind of transactions 
processed by the system are recorded in particular each 
proof of the authenticity of a unique product-inspection 
sequence is recorded. The registration files are used to 
store data about the parties who can carry out proofs of 
authenticity of unique product-inspection sequences. All 
the collected and stored data in the log files and registra- 
tion files is used for comparison to determine a product 
as original or as falsification. 

[0026] Further objects and advantages of the present invention 
will be apparent from study of the specification descrip- 



tion, the claims and the attached drawings. 
Brief Description of Drawings 

[0027] In the following the invention is further described with 
several drawings, which contain samples of possible im- 
plementations. 

[0028] FIG. 1 is a block diagram showing an example of a com- 
puter system that represents a so-called product-pro- 
tection system according the present invention as de- 
scribed later in details. 

[0029] FIG. 2 shows a flowchart how to determine a product as 
original or falsification. 

[0030] FIG. 3 is a schematic representation of the encryption of 
an alphanumerical sequence. 

[0031] FIG. 4 is a schematic representation of the decryption and 
comparison of a subsequence, which is to consider as in- 
verse execution of the encryption shown in FIG. 3. 

[0032] FIG. 5 is a schematic representation of the decryption and 
comparison of a sequence, which is to consider as inverse 
execution of the encryption shown in FIG. 3. 

[0033] FIG. 6 is a schematic representation of the encryption of a 
sequence, whereby before the encryption a hash method 
is applied. 

[0034] FIG. 7 is a schematic representation of the decryption and 



comparison of a sequence, whereby after the decryption 
an inverse hash method is applied which is to consider as 
inverse execution of the encryption shown in FIG. 6. 
[0035] FIG. 8 is a schematic representation of the decryption and 
verification of a sequence as a partially inverse processing 
of the encryption and a partially encryption as shown in 
FIG. 6. 

[0036] FIG. 9 is a schematic representation of the encryption of a 
sequence, whereby after the encryption a hash method is 
applied. 

[0037] FIG. 10 is a schematic representation of the decryption 
and comparison of a sequence, whereby before the de- 
cryption an inverse hash method is applied which is to 
consider as inverse execution of the encryption shown in 
FIG. 9. 

[0038] FIG. 11 is a schematic representation of the partially de- 
cryption and comparison of a subsequence, whereby be- 
fore the decryption an inverse hash method is applied 
which is to consider as inverse execution of the encryp- 
tion shown in FIG. 9. 

[0039] FIG. 12 shows a schematic representation of the encryp- 
tion of a sequence, whereby before and after the coding a 
hash method is applied. 



[0040] FIG. 13 shows a schematic representation of the decryp- 
tion and comparison of a sequence, whereby before and 
after the coding an inverse hash method is applied, which 
is to consider as inverse execution of the encryption 
shown in FIG. 12. 

[0041] FIG. 14 shows a schematic representation of a partially 

decryption, partially encryption and comparison of the se- 
quences, whereby before the coding a hash method is ap- 
plied which is to consider as inverse execution of the en- 
cryption shown in FIG. 12. 
Detailed Description 

[0042] Referring now to the drawings and in particular to FIG. 1 
there is shown a first block diagram of a first embodiment 
of the present invention. The example can be used for any 
kind of products. It is assumed that an originator 11 or- 
ders products by a manufacturer 13 whereby the origina- 
tor 11 and the manufacturer 13 are different parties. The 
product 31 is then delivered to a wholesale dealer 42 into 
a different country where a custom 41 is involved. From 
the wholesale dealer 42 the product 31 is delivered via a 
retailer 43 to the final consumer. The final consumer ac- 
cording to this case is an individual who consume the 
product 31. Each of the said parties is registered and au- 



thorized to use the system, has a log-on ID 5 and is using 
a computer system with an ID 7. 

[0043] The single modules as shown in FIG.l as there is a calcu- 
lation and encryption module 20, a storing and query 
module 21, a decryption and verification module 22 and a 
registration module 23 together represent a so-called 
product-protection system 50. Each of the modules is 
setup to carry out special processes. The modules of the 
product-protection system 50 can be combined into a 
single software module or each of the modules operates 
as separate software module. For security reasons and 
performance it is of advantage if the modules operate on 
separate computer systems. 

[0044] The carried out processes and transactions on each mod- 
ule are recorded and stored in so-called log files 7. The 
registration module 23 includes so-called registration 
files 8 where data for legitimization of the parties those 
access the product-protection system 50 is stored. It is of 
advantage if the log files 7 and registration files 8 are 
built up as structured files or as databases. 

[0045] Furthermore it is of advantage in case the computers and 
input devices are connected via a public data line for ex- 
ample the Internet to use secure data transmission proto- 



cols for example secure socket layer (SSL) or Internet pro- 
tocol security (IPSEC) and to use secured authentication 
systems for example Kerberos or Radius to legitimate and 
restrict the access to the product-protection system 50 
and the software modules for the parties according their 
tasks. 

[0046] The product-protection system 50 according to the 
present invention consists of computer hardware and 
computer software. The computer hardware can either be 
one single computer or a complex computer system based 
on several computers setup at different locations and dif- 
ferent kind of input devices connected for example scan- 
ner or barcode reader which can be connected with each 
other by any kind of data connection for example dial up 
connections or the Internet depending on the require- 
ments of the parties using the system. 

[0047] The product-protection system 50 can be setup as a one 
client system where only one company is using the system 
for processing and storing data or it can be setup as multi 
client system where a unlimited number of companies at 
the same time can process and store data at the physically 
same system. In case of a multi client system the system 
need to be setup in a way that it is impossible that parties 



of one client can access the data of other clients except 
they are authorized for. This can be assured by setting up 
appropriate authorizations and assign them to the clients 
using the system. 

[0048] Each of the modules of the product-protection system 50 
can be setup as independent software module or all mod- 
ules can be combined into one software module. The 
modules can be embedded in existing systems where the 
functionality according to this invention represents an ex- 
tension of the said system. In particular the calculation 
and encryption module 20 can be embedded in software 
such as production planning and controlling tools. The 
decryption and verification module 22, the storing and 
query module 21 and the registration module 23 can be 
embedded in particular into existing business solutions, 
which are for example in use for trading or customer rela- 
tionship management. 

[0049] All the involved parties are very much interested in deal- 
ing only with original products. The custom 41 to avoid 
smuggling goods into foreign countries, the wholesale 
dealer 42, the retailer 43 and the final consumer 44 want 
to have assured that they acquired the original product. If 
the wholesale dealer or retailer sells falsified product 



copies the manufacturer may stops the supply via this way 
of distribution and the brand name may loose its good 
reputation. In general it can be assumed that copied 
products are of less quality than the original products, to 
that all involved parties carry a higher risk. 

[0050] The product-protection system 50 according to the 
present invention is a system based on apparatus and 
methods of protecting products against counterfeiting in 
a simple and cost effective way. The requirements are to 
deliver a high secure encrypted sequence a so-called 
unique product-inspection sequence 14 with each piece of 
product in a way as explained later in the present inven- 
tion, proof the consistency of this unique product-in- 
spection sequence 14 via a computer system and carry out 
additional comparisons. Based on the result of a consis- 
tency test of those unique product-inspection sequence 14 
and logical comparison of the said sequence with data 
stored on a product-protection system 50 products can 
be determined as original or falsification. 

[0051] The unique product-inspection sequence 14 is calculated 
by processing a sequence, which is associated with each 
piece of product for example a serial number whereby, 
this sequence according to the present invention is called 



product- in dividual sequence II. The product-individual 
sequence II is further processed to a so-called input se- 
quence 12. Encoding and carrying out hash methods to a 
sequence called identification sequence 13 then further 
process the input sequence 12. Finally the identification 
sequence 13 is further processed to the unique product- 
inspection sequence 14. 

[0052] In the following described example the product-protec- 
tion system 50 is build up as a system based on four 
computers whereby on each computer different modules 
are operating. The computers are internally connected via 
local network connections. The external parties access the 
product-protection system via public lines by using SSL 
for secure data transmission. 

[0053] The product-protection system 50 according to the 

present invention consists of the modules: Calculation and 
encryption module 20, Decryption and verification module 
22, Storing and query module 21 and Registration module 
23. 

[0054] 1) Calculation and encryption module 20 containing the: 
a) computer instruction set to generate product-individual 
sequences 1; b) computer instruction set to calculate in- 
put sequences 12; c) computer instruction set to calculate 



identification sequences 13 by encrypting input sequences 
12; d) computer instruction set to carry out liasli metliods; 

e) computer instruction set to calculate unique product- 
inspection sequences 14 from identification sequences 13; 

f) computer instruction set to assure unique product- 
inspection sequences 14 within one product-protection 
system 50; g) computer instruction set to legitimize par- 
ties wlio would like to use this module and to assign the 
appropriate authorization; h) computer instruction set to 
verify the authorizations assigned to a party with the re- 
quired authorization for each instruction set if the as- 
signed authorizations are sufficient to execute the in- 
structions of an instruction set; i) computer instruction set 
to record transactions which are carried out within this 
module into log files; j) computer instruction set to en- 
crypt sequences stored in log files for subsequent com- 
parison; k) computer instruction set to query data stored 
in log and registration files; I) computer instruction set to 
generate and send messages; m) computer instruction set 
to build up an interactive interface for legitimized parties 
to carry out transactions; . 

[0055] n) computer instruction set to receive data from and send 
data to remote terminals and input devices; o) computer 



instruction set to excliange data and messages witli otiier 
modules of tlie product-protection system; p) log files to 
store data; q) interface to execute external commands and 
exchange data and messages with external programs. 
[0056] 2) Decryption and verification module 22 containing: a) 
computer instruction set to decrypt and encrypt se- 
quences; b) computer instruction set to process hash and 
inverse hash instructions; c) computer instruction set to 
verify the consistency of unique product-inspection se- 
quences 14; d) computer instruction set to verify and pro- 
cess logical comparison of retrieved data during a proof of 
authenticity with stored data in log files; e) computer in- 
struction set to generate and send system messages; f) 
computer instruction set to record transactions which are 
carried out within this module into log files; g) computer 
instruction set to query data stored in log and registration 
files; h) computer instruction set to legitimize parties who 
would like to use this module and to assign the appropri- 
ate authorization; i) computer instruction set to build up 
an interactive interface for legitimized parties to carry out 
transactions; j) computer instruction set to verify the au- 
thorizations assigned to a party with the required autho- 
rization for each instruction set if the assigned authoriza- 



tions are sufficient to execute the instructions of an in- 
struction set; l<) computer instruction set to receive data 
from and send data to remote terminals and input de- 
vices; I) computer instruction set to exchange data and 
messages with the other modules of the product-pro- 
tection system; m) log files to store data; n) interface to 
execute external commands and exchange data and mes- 
sages with external programs. 
[0057] 3) Storing and query module 21 containing the: a) com- 
puter instruction set to store sequences and complemen- 
tary data of the sequences; b) computer instruction set to 
verify the authorizations assigned to a party with the re- 
quired authorization for each instruction set if the as- 
signed authorizations are sufficient to execute the in- 
structions of an instruction set; c) computer instruction 
set to record transactions which are carried out within this 
module into log files; d) computer instruction set to query 
data stored in log and registration files;e) computer in- 
struction set to exchange data and messages with the 
other modules of the product-protection system; f) log 
files to store data; g) interface to execute external com- 
mands and exchange data and messages with external 
programs. 



[0058] 4) Registration module 23 containing tlie: a) computer in- 
struction set to process the registration of parties before 
tliey can access the product-protection system 50; b) 
computer instruction set to legitimize parties to access 
the system;c) computer instruction set to assign autho- 
rizations to legitimized parties;d) computer instruction set 
to verify the authorizations assigned to a party with the 
required authorization for each instruction set if the as- 
signed authorizations are sufficient to execute the in- 
structions of an instruction set; e) public interface to pro- 
cess the registration of public parties and to publish data 
to the public; f) computer instruction set to store data of 
the registered parties; g) computer instruction set to ver- 
ify the stored data of the registered parties with the data 
retrieved by legitimating parties; h) computer instruction 
set to record transactions which are carried out within this 
module into log files; i) computer instruction set to query 
data stored in log and registration files; j) computer in- 
struction set to send messages and data to addresses 
about the registration of new parties ; k) computer in- 
struction set to receive data from and send data to remote 
terminals and input devices; I) computer instruction set to 
exchange data and messages with the other modules of 



the product-protection system; m) log files and registra- 
tion files to store data; n) interface to execute external 
commands and exchange data and messages with exter- 
nal programs. 

[0059] In a further extension of the present invention each of the 
parties who would like to access one of the modules of 
the product-protection system 50 according to the inven- 
tion need to be successful legitimized before transactions 
can be carried out for example generating unique prod- 
uct-inspection sequences 14 or proof the authenticity of 
products 31. For security reasons the legitimization ap- 
plies as well for automatic input devices. For a proper le- 
gitimization all of the involved parties as well as their au- 
tomatic input devices such as magnetic card readers, bar 
code scanners or any other kind of input terminal are 
stored in registration files 8 with appropriate data. The 
registration files contain at least the log-on ID 5 and a 
password. It is of advantage when the input device ID 7 
which can be for example an Internet Protocol (IP) address 
or a hardware address such as the Media Access Control 
(MAC) address of a network card, the full address of the 
enquirer, additional addressees with their preferred com- 
munication method to where system messages shall be 



send to are contained as well. In the explained sample all 
information"s are stored in registration files 8. 
[0060] In case an involved party for example a custom 41 would 
like to proof the authenticity of a product 31 he has to 
connect to the product-protection system 50 where it is 
required to input the log-in ID 5 and a password to gain 
access to the system. The login ID 5 and the password are 
in combination verified with the stored data in registration 
files 8 by the registration module. In case the login ID 5 
and the provided password match the stored data in the 
registration file 8 the access to the system is granted. In 
addition to improve the security of the system the input 
device ID 7 is verified as well in this example. Further it is 
of advantage in case automatic input devices are used for 
the proof of authenticity to process the legitimization au- 
tomatically. In addition legitimizations are recorded and 
stored in a log file 7. In case a legitimization fails the sys- 
tem administrator and other defined addresses get noti- 
fied in real time by automatic generated system mes- 
sages. 

[0061] In accordance with a further favorable execution form of 
the invention a final consumer, who is basically not a reg- 
istered enquirer, can check unique product-inspection se- 



quences 14. Only after registration at the product-pro- 
tection system 50 by using the public interface of the reg- 
istration module 23 a final consumer can proof the au- 
thenticity of products. 

[0062] The registration as final consumer 44 can be carried out 
in simple form by connecting to the public interface of the 
registration module via any kind of data connection for 
example the Internet, enter for example name, address, 
telephone number and email address. It is assumed that 
final consumers 44 who access the product-protection 
system 50 via the Internet do have an email address. The 
registration process requires filling in an application form 
6 and transmitting this data to the registration module 23. 
The registration module 23 stores data and forward the 
access data as there is an ID 5 and an initial password to 
the email address provided during the registration pro- 
cess. Without the access data the final consumer 44 can- 
not log-on to the product-protection system 50 that 
however is required for the examination of unique prod- 
uct-inspection sequences 14. 

[0063] In context with the registration of final consumers 44 the 
data entered during the registration process however can- 
not be considered as reliable. Further data, which can be 



retrieved during the registration process and during otiier 
usage of the product-protection system 50 from the data 
terminal of the final consumer 44 he connects to the 
product-protection system 50, can be manipulated as for 
example the IP address and thereby this data is not reli- 
able. Only by considering these aspects this data of a final 
consumer 44 provided by registration should be used. A 
further variant is, when the data a final consumer 44 en- 
tered during the registration process is verified. If the data 
a final consumer 44 entered into the registration from 6 
are confirmed without doubts, then this data can be seen 
as reliable and used for tests and further purposes like 
determining the way of distribution. For each case collect- 
ing and storing data of a final consumer 44 national legal 
regulations need to be considered. 
[0064] jhe originator 11 who would like to have a product pro- 
duced and brought to the market is very much interested 
to protect his product against counterfeits in a simple and 
cheap way. The originator 11 can either produce the 
product by its own company or the production can be 
outsourced to a location where the costs of the produc- 
tion are smaller as producing by its own or because the 
originator 11 does not have the production line as re- 



quired for producing such a product. In all cases the orig- 
inator 11 can use the system and method of the present 
invention:a) to secure the product against counterfeits 
and; b) to assure that the manufacturer 13 to where the 
production is outsourced produce exactly the number of 
pieces ordered by the originator 11. 

[0065] In order to protect the products and to make sure that the 
manufacture 13 produce only the number of products the 
originator 11 wants to have produced the originator 11 
need to provide the same number of unique product- 
inspection sequence 14 as much products he ordered from 
the manufacturer 13. In addition the originator need to 
make sure that the manufacturer 13 deliver with each 
product one unique product-inspection sequence 14. 

[0066] For generating unique product-inspection sequences 14 
the originator 11 need to connect to the product-pro- 
tection system 50 and must be legitimized successful. Af- 
ter successful legitimating the originator 11 can access 
the calculation and encryption module 20, can calculate 
the encrypted identification sequence 13 and generate the 
unique product-inspection sequence 14. The originator 
can define the number how many sequences he wants to 
generate in one transaction with the calculation and en- 



cryption module 20. 

[0067] Only authorized parties in particular the originator 11 are 
able to calculate identification sequences 13 and generate 
unique product-inspection sequences 14. Restricting the 
access to the secret encoding key Kl and assigning rights 
to generate unique product-inspection sequences 14 only 
to the originator 11 or a trusted party can assure this. For 
security reason it is of advantage when the secret encod- 
ing key Kl is not stored at any module of the product 
protection system. 

[0068] For generating encrypted identification sequences 13 the 
originator 11 need to provide for each encrypted identifi- 
cation sequences 13 one complementary product-indi- 
vidual sequence II. The product-individual sequence II 
can either be given by the originator 11 for example as al- 
ready existing serial numbers or any kind of product ID"s 
or they can be generated by using the calculation and en- 
cryption module 20. The product-individual sequence II 
can be a continuous or random numerical or alphanumer- 
ical sequence, a sequence of alphabetical characters or a 
bit sequence. The product-individual sequence II or a 
subsequence derived from it is the input sequence 12 
which is processed further in the calculation and encryp- 



tion module 20 by using an encryption method El and a 
secret encoding l<ey Kl to calculate the encrypted identifi- 
cation sequence 13. Based on the encrypted identification 
sequence 13 the unique product-inspection sequence 14 is 
generated. 

[0069] For the encoding of the identification sequence 13 all 

known symmetrical and asymmetrical encryption methods 
where a l<ey for the encryption and decryption is required 
can be utilized. 

[0070] As unique product-inspection sequence 14 the encrypted 
identification sequence 13 can be assigned, or it can be a 
sequence based on any kind of combination of the en- 
crypted identification sequence 13 and the unencrypted 
product-individual sequence II or it can be subsequence 
derived from one of the said sequences. 

[0071] During generating product-inspection sequences 14 the 
calculation and encryption module 20 assure that within 
one product-protection system 50 the product-inspection 
sequence 14 is unique. After a product-inspection se- 
quence 14 is generated it is checked if the same product- 
inspection sequences 14 exists already in a log file 7. In 
case a product-inspection sequences 14 exists already a 
new product-inspection sequences 14 is generated. 



[0072] This unique product-inspection sequence 14 can be a nu- 
merical, alplianumerical sequence or a bit sequence de- 
pending on how the unique product-inspection sequence 
14 shall be delivered with the product. 

[0073] In a further extension of the invention the originator 11 
generates exactly the numbers of unique product-in- 
spection sequences 14 as many pieces of products he want 
to have produced by the manufacturer 13. This form of 
the invention is useful to define and control by the origi- 
nator 11 the number of products 31a manufacturer 13 is 
allowed to produce. 

[0074] In case a manufacturer 13 produces more pieces of prod- 
ucts 31 than unique product-inspection sequences 14 
where delivered by the originator 11 the manufacturer 13 
can enclose: a) copies of already used up unique product- 
inspection sequences 4; b) invalid unique product-in- 
spection sequences 4; c) deliver the surplus produced 
product pieces 31 without unique product-inspection se- 
quences 4. 

[0075] All kind of illegal produced product pieces 31 will be rec- 
ognized by the product-protection system 50 during a 
proof of authenticity. 

[0076] In one realization form of the invention the unique prod- 



uct-inspection sequences 14 can be delivered automati- 
cally or manually in electronic form to the manufacturer 
13 even directly to the device which affix the unique 
product-inspection sequence 14 to the product. In a dif- 
ferent realization form of the invention the manufacturer 
13 accesses the calculation and encryption module 20 of 
the product-protection system 50 and after successful le- 
gitimization he can retrieve the unique product-inspection 
sequences 14. The retrieved unique product-inspection 
sequences 14 are then affixed to the product during the 
production process. 
[0077] The unique product-inspection sequences 14 can be deliv- 
ered with the product in many different ways. In accor- 
dance with a favorable execution form of the invention the 
unique product-inspection sequence 14 is printed or en- 
graved in readable form on the product or its package as 
character string. It can also be printed on a label that is 
affixed to the product or its package. For example the 
unique product-inspection sequence 14 as well as the se- 
rial number is printed on the product whereby the unique 
product-inspection sequence 14 as alphanumeric charac- 
ter string and the serial number as number sequence with 
digits from 0 to 9. 



[0078] The moreover it is of advantage, if tlie unique product- 
inspection sequence 14 is in macliine-readable form. For 
example the unique product-inspection sequence 14 is 
carried out as 2D or 3D bar code or as macliine-readable 
alphanumerical characters. The unique product-inspec- 
tion sequence 14 could be applied as well on a magnetic 
stripe or on a memory chip, which is affixed to the prod- 
uct or implemented into the product. Since with this exe- 
cution form of the invention the unique product-in- 
spection sequence 14 can be recognized automatically by 
an input device to proof the authenticity, longer unique 
product-inspection sequences 14 can be used. The unique 
product-inspection sequence 14 can consist in this case of 
any bit sequence and is not limited to alphanumeric char- 
acters. 

[0079] As a further favorable execution a radio frequency identi- 
fication (RFID) tag containing the unique product-in- 
spection sequence 14 as bit stream that is implemented 
into, affixed to the product or its package or delivered 
with the product as accompanying piece. 

[0080] A further version of the execution is storing the unique 
product-inspection sequence 14 in addition to user data 
on a medium which data is not changeable for example on 



read-only memory chips (ROM), read-only compact disks 
(CD"s) or digital versatile disks (DVD"s) containing soft- 
ware, audio or video data. 

[0081] A form of the execution can also be, if the unique prod- 
uct-inspection sequence 14 is in visually readable form 
printed on the product or its package. With this execution 
form of the invention the unique product-inspection se- 
quence 14 can be entered into a data input device by an 
enquirer by typing in via a keyboard. 

[0082] In accordance with a further favorable execution form of 
the invention the unique product-inspection sequence 14 
is printed in readable form on an instruction leaflet as 
character string, machine-readable character string or as 
barcode which is delivered with the product or supplied 
separately. In this way a longer unique product-inspection 
sequence 14 can be generated where the product is not be 
impaired. 

[0083] Depending on the kind of product, its value and its pro- 
duction process the economically best solution can be 
chosen to enclose the unique product-inspection se- 
quence 14 with the product. The production of the compo- 
nent carrying the unique product-inspection sequence 14 
can even be outsourced to third parties. Depending on the 



product it is of advantage to deliver tlie unique product- 
inspection sequence 14 in more then one form witli tlie 
product 31 for example in readable form for manual input 
and in machine-readable form for automatic detection or 
scanning. 

[0084] The manufacturer 13 produces on request by the origina- 
tor 11 the products 31 and delivers them with the en- 
closed unique product-inspection sequence 14 into the 
market. In case the manufacturer 13 produces more prod- 
ucts 31 as requested by the originator 11 the manufac- 
turer 13 can enclose already used up unique product- 
inspection sequences 14, invalid unique product-in- 
spection sequences 14 or deliver the surplus produced 
products 31 without unique product-inspection se- 
quences 14. All kind of illegal products 31 will be recog- 
nized by the product-protection system 50 according to 
the present invention during a proof of authenticity. 

[0085] In a further extension of the present invention the trans- 
actions carried out by the originator 11 and the manufac- 
turer 13 with the modules of the product-protection sys- 
tem 50 are all recorded and stored in log files 7 by the 
storing and query module 21. The generated unique 
product-inspection sequences 14 and all required comple- 



mentary data of the unique product-inspection sequences 
14 is stored as well in the log file 7 by the storing and 
query module 21. 

[0086] In a further execution of the invention it is of advantage 
when the manufacturer 13 is obliged to report the prod- 
ucts 31 and the unique product-inspection sequences 14 
he delivered to the market with delivery point of time and 
receiver of the products 31 either to the originator 11 or 
to the product-protection system 50 where the informa- 
tion is stored in log files 7 in the storing and query mod- 
ule 21. In case the manufacturer 13 reports to the origi- 
nator 11 it is of advantage when the originator forwards 
this information to the product-protection system 50 
where it is then stored in log files 7 by the storing and 
query module 21 for subsequent queries. 

[0087] The product 31 with the associated unique product-in- 
spection sequence 14 is delivered from the manufacturer 
13 into the market. The first party who gets in contact 
with the product 31 in case of this example is the custom. 
After the product 31 passed the custom it is usually dis- 
tributed via a wholesale dealer 42 and a retailer 43 to the 
final consumer 44. The custom 41, the wholesale dealer 
42 and the retailer 43 have a special interest in the au- 



thenticity of the product. The custom would like to proof 
if the product 31 match the declared product in the way- 
bill. The wholesale dealer 42, the retailer 43 and the final 
consumer 44 want to assure that they acquired an original 
product and not a counterfeit. 

[0088] According to the example of the present invention the 

custom is involved in the chain of verifying the authentic- 
ity of products. It is assumed that the custom 41 is regis- 
tered already at the registration module 23. Before proof- 
ing the authenticity of a product the custom 41 need to 
connect to the product-protection system 50 and legit- 
imized first to carry out a proof of authenticity of a prod- 
uct 31. After the custom 41 connects to the product- 
protection system 50 the log-on ID 5 and a password 
must be entered. In addition the device ID 7 is verified if it 
matches the stored combination of log-on ID 5, password 
and device ID 7. When the custom is successful legit- 
imized the unique product-inspection sequence 14 can be 
entered and transmitted to the decryption and verification 
module 22 for examination. 

[0089] The decryption and verification module 22 decrypt the re- 
ceived unique product-inspection sequence 14 by means 
of the decoding procedure Dl using the decryption key K2 



and calculate a test sequence Tl. The test sequence Tl is 
compared with the complementary data of the unique 
product-inspection sequence 14 that is stored in the log 
files 7 in the storing and query module 21. The result of 
the verification is reported to the enquirer as well as to 
other defined addressees. In case the unique product- 
inspection sequence 14 was transmitted by an automatic 
input device the result of the verification is only send to 
the addressees assigned to this device. 

[0090] After the product 31 with the associated unique product- 
inspection sequence 14 was successful approved and 
passed the custom 41 the product 31 is usually dis- 
tributed via a wholesale dealer 42 and a retailer 43 to the 
final consumer 44. 

[0091] By means of the present invention each authorized party 
can carry out proofs of authenticity of products 31 by ver- 
ifying the consistency of encoded unique product-in- 
spection sequence 14 delivered with each piece of prod- 
ucts 31. 

[0092] Before the verification of a unique product-inspection se- 
quence 14 can be processed a feasible test sequence need 
to be calculated out of the unique product-inspection se- 
quence 14 by carrying out the decryption and further cal- 



culations. 

[0093] If a symmetric encryption method was used for tlie en- 
coding of the unique product-inspection sequence 14 the 
decryption must be carried out in an inverse calculation by 
using the secret decryption key K2 and the decryption 
method Dl. With symmetrical encryption method it is 
necessary to keep both the encryption key Kl and the de- 
cryption key K2 secret. Since the coding can be accom- 
plished within modules where a legitimization is required 
and the access to data and transaction is controlled by 
authorizations, the secrecy of the decryption keys can be 
ensured in a centralized as well as in decentralized built 
product-protection system 50. 

[0094] In an execution form of the present invention the unique 
product-inspection sequence 14 is only calculated by en- 
coding the product-individual sequence II or a subse- 
quence derived from it. In such cases the decoding of the 
unique product-inspection sequence 14 is carried out by 
means of the decryption method Dl with the encryption 
key K2 in order to calculate a test sequence Tl. The in 
such a way calculated test sequence Tl can be examined 
by verifying whether it matches the data or the comple- 
mentary data, which is stored in log files 7 and assigned 



to the unique product-inspection sequence 14. 

[0095] In an alternative version of tlie present invention tlie 

unique product-inspection sequence 14 consists of a com- 
bination of the unencrypted input sequence 12 and the 
encoded unique product-inspection sequence 14. The test 
sequence Tl is retrieved by decoding the unique product- 
inspection sequence 14 and the test sequence Tl is com- 
pared with the unencrypted input sequence 2. If the test 
sequence Tl matches the input sequence 2, which was 
used as input sequence for the calculation of the encoded 
unique product-inspection sequence 14, then the exam- 
ined unique product-inspection sequence 14 is consistent. 
The first comparison with the stored data in the log file 7 
in the storing and query module 21 reports then the re- 
sult, that the unique product-inspection sequence 14 is 
authentic. If the test sequence Tl does not match the in- 
put sequence 2, then the unique product-inspection se- 
quence 14 is incorrect. If other errors can be excluded, the 
checked product 31 is identified as a falsification. 

[0096] If for encoding of unique product-inspection sequence 14 
asymmetrical encryption methods El are utilized the de- 
coding can be carried out with a public decryption key K2, 
a so-called "Public key". In case of using asymmetrical 



methods the decryption key K2 does not have to be kept 
secret. This is important for further extensions of the 
present invention where a decentralized proof of authen- 
ticity is carried out. The decryption key K2 could then be 
stored as public key on decentralized testing devices, 
which can be used in particular for field inspections. In 
addition or instead of storing the decryption key K2 on 
decentralized testing devices the decryption key K2 can 
even be published via the public interface of the product- 
protection system 50. 
[0097] In case of carrying out decentralized proofs of authenticity 
decentralized testing devices need to contain a computer 
system where: a) the unique product-inspection sequence 
14 can be input manually or automatically depending on 
the way how the said sequence is delivered with the prod- 
uct; b) one or many public decryption keys k2 can be 
stored and easily added or removed; c) computer instruc- 
tions can be stored and executed which utilizes the de- 
cryption, comparison and reports the result; d) the de- 
crypted sequence can be compared with the product-in- 
dividual sequence II or the input sequence 12 depending 
on the sequence delivered with the product; e) the unique 
product-inspection sequence 14 and its test result as well 



as useful data like data and time of tlie test can be stored; 
f) data can be exchanged with a central computer system 
or even the product-protection system 50 to transfer the 
stored data from the decentralized testing device to the 
product-protection system 50 for further comparison and 
storing. 

[0098] _Ref67055728ln aversion of the present invention a 
product-individual sequence II and a unique product- 
inspection sequence 14 are both enclosed with a product 
31. A public key K2 is stored on a decentralized testing 
device where the consistency test of unique product- 
inspection sequences 14 can be examined. By doing so the 
unique product-inspection sequence 14 is input into a de- 
centralized testing device where the said sequence is de- 
coded with a decryption method Dl by using the public 
key K2. The in such a way calculated test sequence Tl can 
then be compared with the product-individual sequence 
II. In case the product-individual sequence II and the test 
sequence Tl matches then this result is the reference that 
the unique product-inspection sequence 4 is authentic. 

[0099] In case of field inspections with off-line testing devices it 
is of at advantage when the information, which unique 
product-inspection sequence 14 was tested, its appropri- 



ate data as there is the test result, date and time when the 
test was conducted and the ID 7 of the testing device are 
stored on the decentralized testing device. When the 
unique product-inspection sequences 14 of all products 
31 are tested the decentralized testing device is later con- 
nected via any kind of data line to the product-protection 
system 50 or to a different computer to where the stored 
data is transmitted. In case the data is first transferred to 
a different computer system. When the data is finally 
transmitted to the product-protection system 50 further 
comparisons are carried out to determine the tested 
products as original or as falsification. The product- 
protection system 50 carries out these comparisons auto- 
matically and reports the result to addressed parties in 
real time. The information to which party and in which 
way the result shall be reported is stored in registration 
files 8 associated with the log-on ID 5 and the device ID 
7. 

[0100] _Ref67055728However there are product falsifications 
conceivable, where a counterfeiter could obtain one or 
many unique product-inspection sequences 14 for exam- 
ple by copying them from original products or in a differ- 
ent way and enclose them with falsified products or a 



manufacturer 13 produce more products as ordered by an 
originator 11. Tlie falsified products tlien contain valid 
unique product-inspection sequences 14 and by the first 
proof of authenticity by testing the consistency of the 
unique product-inspection sequence 14 these products are 
not recognized as falsifications. In order to identify prod- 
uct falsifications with valid unique product-inspection se- 
quences 14, further comparisons must be carried out. 
[0101] A first additional test is to check whether an enquirer 

tested the unique product-inspection sequence 14 already 
in former times. Such cases of multiple tests are identified 
in a second comparison with queries processed on log 
files 7 where the unique product-inspection sequence 14 
is the search criteria for the query. In the log files 7 for 
each former carried out proofs of authenticity of unique 
product-inspection sequences 14 an appropriate record is 
created. For proper identification such a said entry con- 
tains at least one of the following sequences: the unique 
product-inspection sequence 14 and the product-indi- 
vidual sequence II. Beyond that it is of advantage when 
the entry contains at least the identification ID 5 of the 
enquirer, who carried out the proof of authenticity, the ID 
7 of the input terminal from which the proof of authentic- 



ity was carried out, date and time when tlie proof of au- 
tlienticity was carried out as well as the result of the proof 
of authenticity. Since the system is intended for a world- 
wide use, it is of advantage to store date and time in an 
international comparable format. 

[0102] vvith each proof of authenticity of products 31 queries of 
the data stored in log files 7 are carried out. In case of 
previous off-line tests of the unique product-inspection 
sequence 14 this query is carried out as soon as the data is 
transmitted from the off-line device to the product- 
protection system 50 and confirmed as completed. 

[0103] After the query and in case no former proof of authentica- 
tion of the unique product-inspection sequence 14 is de- 
tected there are three possibilities: a) it is an original 
product; b) it is a falsification with a valid unique product- 
inspection sequence 14 where the original product is not 
checked so far; c) an input error or an error during trans- 
mission occurred which by coincidence represents a valid 
unique product-inspection sequence 14. 

[0104] In case former proofs of authentication of the unique 
product-inspection sequence 14 are detected there are 
five possibilities: a) it is an original product whose unique 
product-inspection sequence 14 is checked again now by 



another enquirer than before; b) it is an original product, 
whose unique product-inspection sequence 14 is checl<ed 
again by the same enquirer than before; c) it is an original 
product and the former checked product of this particular 
unique product-inspection sequence 14 was a falsification; 
d) it is a falsification where the valid unique product- 
inspection sequence 14 was copied from an original prod- 
uct and enclosed with the falsification and the previous 
checked unique product-inspection sequence 14 is the 
original; e) an input error or an error during transmission 
occurred which by coincidence represents a valid unique 
product-inspection sequence 14. 
[0105] By comparing data stored in log files 7 associated with the 
unique product-inspection sequence 14, data stored re- 
lated to the enquirer in registration files 8 as well as data 
stored about input devices with data retrieved from the 
enquirer and from the input device as there is for example 
the input device ID 7 now further conclusions can be con- 
sidered to identify if a product whose unique product- 
inspection sequence 14 is checked is an original or a falsi- 
fication. 

[0106] The probability of an incorrect input or of an error during 
transmission, which by coincidence represents a valid 



unique product-inspection sequence 14, is rat lier very 
small by the use of the coding technology and the hash 
methods according to the present invention. The proba- 
bility of an incorrect input or an error during transmission 
can be excluded with very high probability by carrying out 
additional logical comparisons in conjunction with the log 
files 7. 

[0107] In a variant of the present invention where the recorded 
information is stored in log files 7 and in registration files 
8 the way of distribution of products 31 can be verified as 
additional test to proof the authenticity of products 31. If 
an enquirer carries out the examination of unique prod- 
uct-inspection sequences 14 the device ID 7 of the input 
terminal is transmitted to the product-protection system 
50. By using the device ID 7 in combination with the ID 5 
of the enquirer the current location of the product can be 
determined by querying the log files 7 and registration 
files 8. Comparing the in such a way determined current 
location with the way of distribution stored in log files 7 
can be used to determine a product as original or as falsi- 
fication. The way of distribution was previously either en- 
tered by an originator 11 or a manufacturer 13. It is for 
example very implausible if a final consumer 44 or retailer 



43 in the USA can have acquired an original product that 
according to the records in the log files 7 was delivered to 
a wholesale dealer 42 in France particularly since a whole- 
sale dealer 42 and a retailer 43 in France already exam- 
ined the unique product-inspection sequence 14 of this 
product. 

[0108] In a further version a test can be utilized if the ID 5 of the 
enquirer in coherence to the ID 7 of the input device 
match the data stored in registration files 8 and log files 
7. The result of this test can be used to check whether the 
logged-on enquirer is using a correct registered input 
terminal or input device. In case of discrepancy it might 
be possible that an unauthorized party gained access with 
a valid ID 5 and further actions should be taken into ac- 
count for example to get in contact with the enquirer and 
confirm whether it is an authorized access or not and 
send system messages to responsible parties. 

[0109] A product 31 usually follows a well-known way of distri- 
bution from the manufacturer 13 to the final consumer 
44. In coherence to this described sample according FIG. 1 
a custom 41, a wholesale dealer 42 and a retailer 43 get 
in contact with the product and each of them is very inter- 
ested to carry out the examination of the unique product- 



inspection sequences 14 to proof the autlienticity of a 
product 31. From tlie retailer 43 tlie product 31 is tlien 
delivered to the final consumer 44 who is after a simple 
registration at the product-protection system 50 able to 
carry out as well the proof of authenticity of the product 
he purchased. It can be assumed or even requested by the 
originator 11 or the manufacturer 13 that the proof of au- 
thenticity must be carried out by wholesale dealer 42 and 
retailer 43 however this cannot be assumed and requested 
from a final consumer. Wholesale dealer 42 and retailer 
43 for example can carry out the test when products 31 
are delivered on stock or sold out of stock. 

[0110] A further example of implausibility is when a retailer 43 
examines unique product-inspection sequences 14 which 
had up to then not examined by a wholesale dealer 42, al- 
though the unique product-inspection sequences 14 of 
such products 31 was in former cases always examined by 
a wholesale dealer 42 at first. The same applies in case a 
final consumer 44 in Europe examines a unique product- 
inspection sequence 14 that was at the same day reported 
by manufacturer 13 as delivered to USA. 

[0^ ^ ^] The variants of logical comparisons of data retrieved with 
the unique product-inspection sequence 14 when an en- 



quirer carries out a proof of authenticity in colierence with 
the data stored in log files 7 or registration files 8 are nu- 
merous and can be individually adapted according the re- 
quirements. In context of the examination one ore many 
logical comparisons can be carried out. 

[0112] It is of advantage that as much as possible meaningful 

data is stored in logs files 7 or registration files 8 that can 
be used for further comparisons to identify if products 31 
are original or falsification. The more data the files con- 
tains, the more reliable the result of the comparisons is. 

[0113] FIG. 2 shows a flow chart about the carried out tests and 
comparisons as explained by samples and how the con- 
clusion is made if the examined unique product-in- 
spection sequences 14 belongs to an original product or a 
falsification. 

[0114] As shown in FIG. 2 after a unique product-inspection se- 
quence 14 is received all the carried out actions are 
recorded. At first the unique product-inspection sequence 
14 is decoded by means of a decoding method Dl by us- 
ing a decryption key K2. After the decryption a test se- 
quence Tl is received which is then proved of consistency. 
In case the test results in an inconsistency the product is 
identified as falsification. In case the result is consistent in 



a next test it is verified if the decoded test sequence Tl 
matclies tlie data or the complementary data, which is 
stored in log files 7 and assigned to the unique product- 
inspection sequence 14. In case it does not match the sys- 
tem identify the product as well as falsification. When the 
data matches one or many logical tests are carried out af- 
terwards. 

[0115] A deviation at one of the logical tests permits the conclu- 
sion the product 31 might be a falsification. In this case 
the product-protection system 50 recognize a falsifica- 
tion, retrieves appropriate data from the log files 7 and 
registration files 8, generate a system message about the 
result, record this information in log files 7 and send a 
message to all the addresses defined in the registration 
files 8. 

[01 1 6] When all logical comparisons with the data of the log files 
7 and registration files 8 where successful the addresses 
as defined in the registration files 8 get the confirmation 
that the product 31 is identified as an original. However it 
is still not for sure, because it could be possible that a 
counterfeiter used a copy of a valid unique product-in- 
spection sequence 14 which so far was not examined and 
all the logical comparisons result in no irregularity. In this 



case the system would notice a falsification only if the 
unique product-inspection sequence 14 of the original 
product is examined later on. 

A further favorable extension of the present invention is 
sending messages in real time not only to the enquirer 
but also to defined addresses in any case when examina- 
tions of unique product-inspection sequences 14 are car- 
ried out. Under certain circumstances the product-pro- 
tection system 50 might send a success message to the 
enquirer but a warning message about the recognition of 
falsifications to one or many defined addressees. An ad- 
dressee can be for example the originator 11, the manu- 
facturer 13, official authorities or any other third party 
who is appointed to monitor the activities and need to be 
informed about. In case the examination is carried out au- 
tomatically the message can only be addressed to defined 
addresses those are linked to an automatic input device. It 
is of advantage when the message contains information"s 
about the product 31, current location of the device from 
where the examination is carried out, identity of the en- 
quirer who carries out the examination and the present 
date and time. The message can be transmitted in differ- 
ent ways and forms depending on the favorable commu- 



nication method setup for the addressee for example as a 
call from an automatic telephone system, by fax, by email 
or as a short message to wireless devices. 

[0118] For calculating, decoding and encoding unique product- 
inspection sequences 14 it is of advantage to use standard 
and approved methods to assure high-secured sequences. 
Symmetrical and asymmetrical methods can be utilized 
whereby for each kind various algorithms exist. Not all the 
standard algorithms on the market are able to calculate 
secure unique product-inspection sequences 14. Depend- 
ing on the method and the algorithm more or less re- 
sources for coding are required. 

[0119] In case the product-protection system 50 is setup for 
more then one client the method and algorithm can be 
customized for each client it can even be changed during 
the run time of the system to improve the security. In case 
a variant of the present invention is setup to change the 
methods and techniques during the run time each unique 
product-inspection sequences 14 is linked to the method 
and algorithm which was used for coding and calculation 
whereby the information is stored in log files 7. 

[0120] In a variant of the invention symmetrical encoding meth- 
ods also called single-key or secretkey methods are uti- 



lized for the encryption and decryption whereby for both 
cases a secret key is used. For encoding an input se- 
quence 12 a symmetrical encryption method El and a se- 
cret l<ey Kl are used. The in such a way calculated unique 
product-inspection sequence 14 can only be decoded with 
knowledge of the secret key K2 and by using the equiva- 
lent symmetrical encryption method. A further substantial 
characteristic of symmetrical coding methods is that the 
encoded unique product-inspection sequence 14 cannot 
correct decoded without the secret key K2 even if the 
symmetrical encoding method is known. The secret key 
Kl of a symmetrical encryption method cannot be derived 
from different samples from pairs of encoded or decoded 
information"s by current computing power. 

[0121] When using symmetrical methods it must be assured that 
the encryption keys Kl and the decryption keys K2 are 
kept secret. Counterfeiters, who gain access to the secret 
keys, could produce authentic unique product-inspection 
sequences. In particular it is of advantage, if the used 
symmetrical encryption method is one of Blowfish, CAST- 
128, f8, IDEA, Rijndael, RC5 or Triple-DES algorithm. 

[0122] Symmetrical encryption methods in general are very fast 
and can be implemented at little expenditure in hardware 



and in software. A further advantage of the use of sym- 
metrical encrypting methods is the l<ey and the blocl< 
lengths are relatively short. Thus also the unique product- 
inspection sequence 14 can be short and can be enclosed 
comfortably with the product. Since the encoding and de- 
coding by using symmetrical encryption methods can only 
be utilized by authorized parties where the access to all 
modules of the product-protection system 50 is secured 
by authorizations, the secrecy of the secret keys can be 
guaranteed by suitable measures, for example by the 
obligatory legitimating of the involved parties against the 
product-protection system 50 using the actual technical 
possibilities for secured data transmission. 

[0123] Alternative to symmetrical encoding methods asymmetri- 
cal encoding methods can be used. With asymmetrical a 
method a pair of keys is used a secret key so-called pri- 
vate key for encoding and a non-secret key so-called 
public key for decoding. A private key Kl for the encryp- 
tion need to keep secure and only accessible by autho- 
rized parties such as an originator 11. For security rea- 
sons the private key can even be stored outside of the 
product-protection system 50. 

[0^24] Since the private key of an asymmetrical encryption 



method can be derived neither from the decryption 
method Dl, nor from the public decryption l<ey K2 with 
today available computing power, the public key can be 
made freely available to all parties without any risk. It is 
not possible for a counterfeiter to generate valid unique 
product-inspection sequences 14 by using the public de- 
cryption key K2 even he has knowledge about the used 
encryption method El. 

[0125] The public key can either be distributed to enquirers or 
the public key can be published via the public interface of 
the registration module 23. This enables in particular a 
field examination, which can be executed by the custom 
41, a wholesale dealer 42 or a retailer 43 at any location. 
It is of advantage if the asymmetrical encoding method is 
one of DSA, ECC or RSA algorithm. 

[0126] In order to avoid that using always the same keys carrying 
out all coding it is of advantage to exchange the keys fre- 
quently to improve the security. In that case so-called key 
management should be established for the administration 
of the keys. For example different secret keys in temporal 
succession can be used in such a way that the validity of 
each individual key is temporary limited. 

[0127] In the following the drawings FIG. 3 to FIG. 12 are ex- 



plained by samples whereby for each sample symmetric 
encryption methods as well as asymmetric encryption 
methods are applicable. In case hash methods are utilized 
different hash techniques are applicable. The explained 
samples represent different ways of testing the consis- 
tency of unique product-inspection sequences 14 whereby 
not all possible options are explained by a sample. 
[0128] In FIG. 3 the flow chart shows a sample where an al- 

phanumerical serial number is used as product-individual 
sequence II. An originator 11 or any other authorized 
party generates an input sequence 12 that represents a 
subsequence of the product-individual sequence II equiv- 
alent to the serial number. The input sequence 12 is then 
encryptedwith the help of the encryption method El by 
using the secret encryption key Kl, whereby as result an 
encoded identification sequence 13 is calculated. The 
unique product-inspection sequence 14, which is finally 
delivered with each piece of product, is calculated as a 
product of the product-individual sequence II and the 
identification sequence 13. Such a kind of unique product- 
inspection sequence 14 for example can as readable al- 
phanumerical sequence or barcode printed on packages 
or instruction leaflets or engraved on a product such as 



sheet of glasses or metal. 

[0129] FIG. 4 shows an example of the decryption and compari- 
son of a sequence, which is to consider as inverse execu- 
tion of the encryption shown in FIG. 3 whereby a subse- 
quence is used to check the consistency of unique prod- 
uct-inspection sequence 14. The decoding of the unique 
product-inspection sequence 14 is carried out as an in- 
verse calculation process of the encoding shown in FIG. 3. 
At first the identification sequence 13 is calculated by sub- 
tracting a subsequence of the unique product-inspection 
sequence 14 from the unique product-inspection se- 
quence 14. With help of the decryption method Dl by us- 
ing a decryption key K2 the test sequence Tl is calculated 
whereby the decryption method Dl must be the same 
method as used to encrypt the unique product-inspection 
sequence 14. The consistency of the unique product-in- 
spection sequence 14 is checked by verifying if the test se- 
quence Tl is a subsequence of the unique product-in- 
spection sequence 14 which is retrieved from a log file 
where it was stored previously. 

[0130] FIG. 5 shows an example where the consistency test of a 
unique product-inspection sequence 14 is carried out by 
verifying the complete test sequence Tl with complemen- 



tary data as well as using stored data for the decoding. 
The decoding of the unique product-inspection sequence 
14 is carried as an inverse calculation process of the en- 
coding as shown in FIG. 3. At first the identification se- 
quence 13 is calculated by subtracting the product-indi- 
vidual sequence II from the unique product-inspection 
sequence 14 whereby the product-individual sequence II 
is retrieved from a log file. With help of the decryption 
method Dl by using a decryption key K2 the input se- 
quence 12 is calculated. Then a subsequence calculated 
from the product-individual sequence II is added to the 
input sequence 12 where after the test sequence Tl is cal- 
culated. The consistency of the unique product-inspection 
sequence 14 is checked by verifying if the test sequence 
Tl is equal to the product-individual sequence II which is 
retrieved from a log file where it was stored previously. 
[0131] Consistency tests by verifying if the test sequence Tl is a 
subsequence of the unique product-inspection sequence 
14 are possible because the unique product-inspection se- 
quence 14 consists of the encoded identification sequence 
13 as well as the product-individual sequence II. By using 
this kind of method the consistency test can be carried 
out as off-line field inspection by using decentralized 



testing devices. Tlie coding of tlie unique product-in- 
spection sequence 14 as shown in FIG. 3, FIG. 4 and FIG. 5 
is applicable for symmetrical as well as asymmetrical en- 
coding methods. Because the decryption key K2 of sym- 
metrical encryption methods needs to kept secret it is of 
advantage to use only asymmetrical encryption methods 
in case off-line field inspections shall be carried out. The 
public decryption key K2 can be stored on the decentral- 
ized testing device and the complete test of consistency 
can be carried out off-line. 
[0132] By carrying out off-line examinations all tested unique 

product-inspection sequence 14 and complementary data 
is stored on the off-line testing device. Only the consis- 
tency of the unique product-inspection sequence 14 is not 
a final indication if the checked product is an original or a 
falsification. 

[0133] After all off-line test are carried out the data stored on the 
off-line testing device should be transmitted at the earli- 
est possible stage to the product-protection system 50 to 
carry out further comparison to determine if the products 
are originals or falsifications. The off-line testing device 
need to connect to the product-protection system 50 ei- 
ther directly via any kind of data line for example a wire- 



less connection or the data from the off-line testing de- 
vice can be transferred to a computer device which has a 
data connection to the product-protection system 50. Af- 
ter manually or automatically successful legitimization the 
data is transferred from the source where it is stored to 
the decryption and verification module 22 where further 
testing is carried out as soon as the data is transmitted. 
[0134] In order to increase the security and to avoid long unique 
product-inspection sequences 14 it is of advantage to uti- 
lize in addition to the encoding so-called hash methods. 
A hash method can be utilized before the encryption of an 
input sequence 12 is conducted, after the encryption was 
performed. In particular it is of advantage, if a hash 
method is utilized before the encryption of the product- 
individual sequence 13 and a second hash method is uti- 
lized after the encryption. Beyond a short identification 
sequence 13 the execution of two hash methods increases 
the security of unique product-inspection sequences 14 in 
a way that for a counterfeiter it is nearly impossible to de- 
termine on basis of the unique product-inspection se- 
quence 14 the underlying hash methods, the encryption 
method El as well as the underlying secret encryption key 
Kl. In particular it is of advantage when the first and the 



second hash method is one of the MD 5, SHA-1, RIPE MD 
160, MDC-2 algorithm. The carried out hash methods be- 
fore and after the encoding can be of different algorithms. 

[0135] FIG. 6 shows a sample where before the encryption a hash 
method h^ is carried out. It is assumed that the product- 
individual sequence II is a 10-digit number. The input se- 
quence 12 is equal to the product-individual sequence II 
by meaning no processing in this step is necessary. The 
input sequence 12 is then further processed by utilizing a 
hash method h^ whereby the hashed sequence I2(h^) is 
calculated. This hashed sequence I2(h^) is then encrypted 
by means of the encryption method El by using the secret 
encryption key Kl to receive the encoded unique product- 
inspection sequence 13. The unique product-inspection 
sequence 14 that is delivered with the product is then cal- 
culated as subsequence of the identification sequence 13. 
The complementary data of the subsequence is stored in 
log files 7 in the product-protection system 50 in correla- 
tion to the unique product-inspection sequence 14. 

[0136] FIG. 7 shows the decryption and verification of the unique 
product-inspection sequence 14 as inverse processing of 
the encryption shown in FIG. 6. At first the calculation of 
the identification sequence 13 that is a product of the 



unique product-inspection sequence 14 and tlie comple- 
mentary data of tlie subsequence of the identification se- 
quence 13. The appropriate subsequence can be retrieved 
from a log file 7 whereby the unique product-inspection 
sequence 14 is the criteria to select the correct subse- 
quence. The identification sequence 13 is further decoded 
with the help of a decryption method Dl by using a de- 
cryption key K2 whereby the hashed identification se- 
quence I2(h^) is received. In a next step the inverse func- 
tion of the hash method h^ meaning h^ is carried out 
whereby the test sequence Tl is received. In a next step 
the calculated test sequence Tl and the product-indi- 
vidual sequence II are compared. 
[0137] FIG. 8 shows a sample of a consistency test of a unique 
product-inspection sequence 14 as a partially decryption 
and a partially encryption. At first the identification se- 
quence 13 is calculated as a product of the unique prod- 
uct-inspection sequence 14 and the complementary data 
of a subsequence of the identification sequence 13. The 
appropriate subsequence can calculated from an identifi- 
cation sequence 13 stored as complementary data to the 
said unique product-inspection sequence 14 in a log file 7. 
The identification sequence 13 is then further decoded 



with help of a decryption method Dl by using a decryp- 
tion l<ey K2 where after the test sequence Tl is received. 
In a second step the complementary product-individual 
sequence II of the unique product-inspection sequence 14 
that is stored in a log file 7 is processed to a hashed iden- 
tification sequence I2(h^) by using a hash method h^. The 
validity of the unique product-inspection sequence 14 is 
now compared by verifying the test sequence Tl with the 
hashed identification sequence I2(h^). 

[0138] FIG. 9 shows a flow chart where after the encryption a 

hash method h^ is carried out. An originator 11 or an au- 
thorized party generates a random product-individual se- 
quence II where after a subsequence represents the input 
sequence 12. The input sequence 12 is then encrypted with 
an encryption method El by using a secret encryption key 
Kl where as result the identification sequence 13 is re- 
trieved. In a next step the identification sequence 13 is 
further processed by means of a hash method h^ into a 
hashed identification sequence I3(h^). The hashed identi- 
fication sequence I3(h^) is then without further processing 
used as unique product-inspection sequence 14. 

[0139] The verification of the consistency of the unique product- 
inspection sequence 14 according to the explained sample 



of FIG. 9 can be carried out in two different ways as ex- 
plained later in FIG. 10 and FIG. 11. 

[0140] In FIG. 10 a first way of consistency test of a unique prod- 
uct-inspection sequence 14 is explained which was en- 
crypted as shown in FIG. 9. At first a hash inverse function 
h^ is carried out for the unique product-inspection se- 
quence 14 whereby the encoded identification sequence 13 
is retrieved. The unique identification sequence 13 is fur- 
ther decoded with the help of a decryption method Dl by 
using a decryption key K2 whereby the input sequence 12 
is received. Based on the inverse execution of the same 
formula for the calculation of the subsequence used dur- 
ing the encryption process the test sequence Tl can be 
calculated as product of the Input sequence 12 and the 
subsequence of the product-individual sequence II. The 
consistency of the unique product-inspection sequence 14 
can be checked by verifying if the test sequence Tl is 
equal to the product-individual sequence II that is stored 
in a log file 7 as complementary data to the unique prod- 
uct-inspection sequence 14. 

[0141] In FIG. 11a second way of consistency test of a unique 

product-inspection sequence 14 is explained which is en- 
crypted as shown in FIG. 9. At first a hash inverse function 



~ is carried out for tlie unique product-inspection se- 
quence 14 wliereby tlie encoded identification sequence 13 
is retrieved. Tlie unique identification sequence 13 is fur- 
ther decoded witli the help of a decryption method Dl by 
using a decryption key K2 whereby the test sequence Tl 
is received. The consistency of a unique product-in- 
spection sequence 14 in this case can be checked by veri- 
fying if the test sequence Tl is a subsequence of the 
product-individual sequence II. 

[0142] By applying a hash method h^ after the encoding it is in 
particular possible to avoid long identification sequences 
13 before they are processed further to unique product- 
inspection sequences 14. In particular when using asym- 
metrical encoding procedures, which generate large key 
lengths and large block length a hash method after the 
encoding seems more appropriate. 

[0143] The flow chart in FIG. 12 shows a sample where a hash 
method is carried out before and after the encryption. In 
this example it is assumed that an originator 11 or an au- 
thorized party generates random product-individual se- 
quence II as bit sequences by using the calculation and 
encryption module 20 of the product-protection system 
50. The storing and query module 21 stores the input se- 



quence 12 and its complementary data. Each random bit 
sequence represents an input sequence 12 witliout furtlier 
processing. Before the encryption of the input sequence 12 
is carried out a hash method h^ is utilized whereby a 
hashed sequence I2(h^) is calculated. This hashed identifi- 
cation sequence I2(h^) is then encrypted by means of the 
encryption method El with a secret key Kl where after the 
unique product-inspection sequence 13 is received. In a 
next step the identification sequence 13 is converted by 
means of a second hash method h into a hashed identifi- 

2 

cation sequence I3(h^). The unique product-inspection 
sequence 14 is then calculated as product of the hashed 
identification sequence I3(h^) and the product-individual 
sequence II. Because the unique product-inspection se- 
quence 14 represents in this sample a bit sequence it can 
be delivered with the product for example stored on a ra- 
dio frequency identification (RFID) tag, a magnetic stripe, 
a memory chip or a digital media for example a DVD. 
[0144] FIG. 13 shows a variant where the unique product-in- 
spection sequence 14 is completely inversed to verify its 
consistency. Because the unique product-inspection se- 
quence 14 is a bit sequence it can retrieved automatically 
and the whole process for the proof of authenticity can 



carried out without manual intervention. 
[0145] At first tlie liaslied identification sequence I3(li^) is calcu- 
lated by subtraction the product-individual sequence II 
from the unique product-inspection sequence 14. The 
product-individual sequence II can be retrieved from a 
log file 7 where the complementary data of the appropri- 
ate unique product-inspection sequence 14 is stored. In a 
next step for the hashed identification sequence I3(h^) a 
hash inverse function h^ is carried out whereby the en- 
coded identification sequence 13 is retrieved. Then the de- 
coding of the identification sequence 13 is carried out with 
help of the decryption method Dl using a decryption key 
K2, whereby the hashed sequence I2(h^) is retrieved. After 

that a hash inverse function h is carried out for the 

1 

hashed sequence I2(h^) the test sequence Tl is received 
as result. The test sequence Tl and the product-indi- 
vidual sequence II retrieved from a log file 7 as comple- 
mentary data to the appropriate unique product-in- 
spection sequence 14 is compared. 
[0146] Flow chart FIG. 14 shows a variant where the consistency 
of a unique product-inspection sequence 14 is tested by 
partially decrypting a unique product-inspection sequence 
14 and partially encrypting a product-individual sequence 



II. In a first step the hashed identification sequence I3(h^) 
is calculated by subtraction the product-individual se- 
quence II from the unique product-inspection sequence 
14. After that for the hashed identification sequence I3(h^) 
a hash inverse function h is carried out where the en- 

2 

coded test sequence Tl is retrieved. In a second step the 
product-individual sequence II is retrieved as comple- 
mentary data of the unique product-inspection sequence 
14 from a log file 7 and processed by carrying out a hash 
method h^ whereby the hashed sequence ll(h^) is calcu- 
lated. This hashed identification sequence ll(h^) is then 
encrypted by means of the encryption method El by using 
the key Kl to receive the product-inspection sequence 13. 
The consistency of the unique product-inspection se- 
quence 14 is now compared by verifying if the test se- 
quence Tl is equal the calculated product-inspection se- 
quence 13. 

[0147] In case the compared sequences matches it concerns a 
valid unique product-inspection sequence 14, while in 
case of discrepancy a falsified unique product-inspection 
sequence 14 is present. For determining the authenticity of 
a product after the product-inspection sequence 14 is 
confirmed as consistent the test sequence Tl is forwarded 



to carry out comparison and logical tests as shown in FIG. 
2. 



